ID

VAR-E-201004-0206

EDB ID

12298

TITLE

Huawei EchoLife HG520 - Remote Information Disclosure - Hardware remote Exploit

DESCRIPTION

Huawei EchoLife HG520 - Remote Information Disclosure. CVE-63990 . remote exploit for Hardware platform

AFFECTED PRODUCTS

EXPLOIT

# Exploit Title: Huawei EchoLife HG520 Remote Information Disclosure
# Date: 2010-04-19
# Author: hkm
# Product Link: http://www.huawei.com/mobileweb/en/products/view.do?id=660
# Firmware Versions: 3.10.18.7-1.0.7.0
# 3.10.18.5-1.0.7.0
# 3.10.18.4
# Software Versions: V100R001B120Telmex
# V100R001B121Telmex
# Exploit Download Link:
# http://www.hakim.ws/huawei/HG520_udpinfo.tar.gz
# https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/12298.tar.gz (HG520_udpinfo.tar.gz)

By sending a specially crafted UDP packet you can remotely obtain the
following information: software and firmware versions, MAC, local and
remote IP, model and PPPoE credentials in clear text.

The files required to reproduce this vulnerability can be downloaded
from:

http://www.hakim.ws/huawei/HG520_udpinfo.tar.gz

Requires Python, Scapy and Tcpdump. The way you run this program to test
a local modem is:

~# python udp520.py

For a remote modem:

~# python udp520.py <remoteIP>

* If you can't see the response packet, try using Wireshark.
* If "No module named all" error shows up, install scapy from source.

hkm

hkm@hakim.ws

[ Comunidad Underground de Mexico - http://www.underground.org.mx ]

EXPLOIT LANGUAGE

txt

PRICE

free

TYPE

Remote Information Disclosure

CREDITS

hkm

EXTERNAL IDS

REFERENCES

SOURCES

LAST UPDATE DATE

2022-07-27T09:45:45.910000+00:00

SOURCES RELEASE DATE